ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] ADSP result set (was: why we should clearly specify domain existence)

2008-05-28 10:39:42

On May 28, 2008, at 7:08 AM, Frank Ellermann wrote:

Douglas Otis wrote:

The otis-dkim-adsp draft modified the terms from

unknown/all/discardable
to
OPEN/CLOSED/LOCKED

So far that is IMO still three terms for two results.

"unknown" is a misnomer since this asserts not signing Author  
Domain messages is permitted.  This practice becomes known once the  
ADSP has been discovered.  The term "OPEN" more correctly indicates  
any outbound SMTP server is "open" to users of the Author Domain.

It's anyway not very interesting for receivers, and so I don't care  
much about the name, "open", "unknown", "neutral", "maybe", whatever.

When describing the "practice" state, using the term "unknown" is  
utterly wrong.  Even asserting a practice has meaning well beyond  
"unknown".  The term OPEN does not attempt to conflate the default  
state with that of an asserted state.

The term "all" incorrectly implies the nature of the assertion.    
Clearly ensuring all messages are signed is beyond the control of  
the domain making this assertion.  Not "all" Author Domain messages  
can be assured to have been signed.

But "all" is clear for receivers, the intention is to sign all  
mails, and anything else is by definition bad.

The CLOSED assertion represents an intent to limit users to signing  
outbound MTAs.  When used for typical email conversations, this intent  
does _not_ ensure receivers that "all" Author Domain emails will  
arrive with valid signatures.  Any reply containing the original  
Author Domain (From email-address) is likely to appear as not being  
signed.  So no "all" is still the wrong term, and is clearly misleading.

Of course that is the definition of the domain owner, the domain  
owner has to educate the users, the receiver can say "getting this  
right is none of my business, I simply reject (or similar) unsigned  
mails on behalf of the domain owner, unless I have a reason to  
accept them, e.g. from a known mailing list".

When asserting CLOSED and ensuring users are limited to signing  
outbound MTAs, messages lacking valid Author Key Domain signatures  
could still be due to many normal reasons.  By asserting CLOSED, the  
Author Domain indicates a desire that invalid signatures be carefully  
weighed and perhaps accepted.  Here the term CLOSED accurately  
indicates the nature of the assertion, whereas "all" does not.

Rather "CLOSED" more correctly indicates non-signing SMTP services  
are considered "closed" to users of the Author Domain.

IMO "closed" is not better than "all", but that could be a matter of  
taste.  My point was that there is no relevant third case  
"discardable" / "locked" as soon as you have "all" / "closed".

Depending upon intended outcome of "discardable", this term  
recommends an action that may not be appropriate, and one that  
degrades the integrity of SMTP delivery.

Yes.  Additionally it's redunant, receivers are free to interpret  
"all" and "discardable" as identical, and in fact I don't see why  
they should interpret these results as different.

Disagree.  When messages from a domain are strictly transactional in  
nature, and are extremely unlikely to have been sent to a "known"  
mailing-list, then the term LOCKED more accurately reflects this  
state.  The LOCKED state is very different from that of CLOSED.  The  
LOCKED assertion might be intended to thwart acceptance from unused  
domains whenever a message lacks a valid signature.  Such strict  
treatment is unlikely practical for typical messages from Author  
Domains that should assert CLOSED instead.  The difference could be  
described as conversational versus transactional use of messages from  
Author Domains.

At one point of the SPF history folks proposed to add a "do what I  
mean" modifier for FAIL.  That proposal wasn't adopted, it would  
downgrade any unmodified FAIL.  The difference between "all" and  
"discardable" is apparently the same "do what I mean" idea, I don't  
like it.

You will find agreement in that respect.  However, some heavily  
phished domains issuing transactional messages desire receivers to  
apply stricter acceptance criteria.  Much like describing the state of  
a door, CLOSED and LOCKED more accurately reflect two clearly distinct  
assertions made by Author Domains.  Terms "all" and "discardable" do  
not offer clear distinctions and are not easily explained.  The term  
"discardable" also has a problem of implying a specific (often  
incorrect) action rather than expressing a state.

"Closed" and "locked" don't improve this situation.

Unfortunately, there may be receivers that don't make a distinction  
between CLOSED and LOCKED.  If such handling becomes prevalent, then  
typical enterprise domains would be advised not to assert CLOSED, and  
would be advised to assert OPEN.  Since OPEN is the default state,  
only a few domains would likely to publish anything.  That result  
would be a failure of the DKIM WG in communicating what the different  
assertions indicate.  The terms "all" and "discardable" do not offer  
any clear understanding or provide clear metaphors.

Dismissal does not imply discard.

+1  But "discardable" is not only the wrong name, it's a redundant  
concept.  The real thing is "all", and what receivers do with it is  
a receiver policy, not a signing practise.

Agreed.  Discardable is the wrong name causing a muddled concept.   
"all" represent an unobtainable ideal and thus is incorrect as well.   
On the other hand, LOCKED might be used as an assertion for unused  
domains where any acceptance of a message lacking an Author Key Domain  
signature would be fully undesired.  A CLOSED Author Domain might  
represent messages being exchanged in conversations where some  
signatures will be damaged.  Carefully weighing acceptance of messages  
from CLOSED Author Domains would be desired instead.  The DKIM WG must  
clearly communicate these critical differences, or you'll be  
absolutely right.

-Doug

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html